Sam Trenholme's webpage
This article was posted to the Usenet group alt.hackers in 1995; any technical information is probably outdated.

Re: rlogin revealed


Article: 8400 of alt.hackers
From: seebs@solutions.solon.com (Peter Seebach)
Newsgroups: alt.hackers
Subject: Re: rlogin revealed
Date: 6 Aug 1995 09:22:56 -0500
Organization: Usenet Fact Police (Undercover)
Lines: 65
Approved: seebs@solon.com
Message-ID: 402j80$bm5@solutions.solon.com
NNTP-Posting-Host: solutions.solon.com
Status: RO

In article <3vr6u7$bv7@bubba.NMSU.Edu>, John Holder
<jholder@nmsu.edu> wrote:
>Obhack: using the system libraries to do the above:
>/* The first arg is the full path of the executable you wanna run
> * The second arg is what you want it to look like you are doing
> *     (ie, this is what ps and w and other commands will see)
> */
>#include <stdio.h>
>#include <unistd.h>
>
>main()
>{
> execl("/bin/rlogin jamminbox.site.dom", "vi thesis.tex", (char *) NULL);
>}

Uhm.  The first and 2nd args [of this program] are both ignored.  And as given,
this will fail; it will discover there is no file called
'rlogin jamminbox.site.dom' in /bin.

The following was developed at Xerox, but is not to the best of my
knowledge proprietary.

This should do "the right thing" on any remotely POSIX system.

/* Started Dec 5, 1994 at Xerox.
 * All wrongs reversed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

int
main(int argc, char *argv[])
{
	char **nargv;
	int i;

	if (argc < 3) {
		fprintf(stderr,
		"usage: hide fake real\ne.g. hide 'vi thesis' 'rogue'.\n");
		exit(1);
	}

	/* new argv: the fake name, then argv[3..] for the real program, then NULL */
	nargv = malloc(argc * sizeof(char *));
	if (nargv == NULL) {
		perror("malloc");
		exit(1);
	}
	nargv[0] = malloc(strlen(argv[1]) + 1);
	strcpy(nargv[0], argv[1]);
	for (i = 3; i < argc; ++i) {
		nargv[i - 2] = malloc(strlen(argv[i]) + 1);
		strcpy(nargv[i - 2], argv[i]);
	}
	nargv[i - 2] = 0;	/* terminator goes right after the last copied argument */
	if (execvp(argv[2], nargv))
		perror("execvp");
	return 1;
}
/* cut here */

Known bugs:
It will be immediately obvious to a trained user that the argv[] is fake -
commands which only show argv[0] will show 'vi thesis' in the example, instead
of 'vi'.  This is a dead giveaway.

-s
--
Peter Seebach - seebs@solon.com || seebs@intran.xerox.com --- C/Unix
proto-wizard -- C/Unix questions? Send mail for help.  No, really!
Copyright 1995 Peter Seebach.  Not for distribution through Microsoft Network.
a^n+b^n=c^n has integer solutions {a, b, c, n} only for n<=2.  To prove,
assume
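
The "Known bugs" note in the post above says the faked argv[] can be spotted from argv[0] alone. The following added example (not part of the original post) checks for that and also compares argv[0] with the kernel-maintained /proc/<pid>/exe link, which exec'ing with a different argv[0] does not change; the Linux /proc layout and the names check_argv0 and check_pid are assumptions.

```c
/* Added example, not from the post. Linux /proc assumed; names hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define ARGV0_MISMATCH 1 /* argv[0] basename differs from the executable's */
#define ARGV0_SPACE    2 /* argv[0] contains a space: the post's giveaway */

static const char *base(const char *p)
{
	const char *s = strrchr(p, '/');
	return s ? s + 1 : p;
}

/* cmdline: raw NUL-separated /proc/<pid>/cmdline; argv[0] is its first string. */
int check_argv0(const char *exe, const char *cmdline)
{
	int flags = strchr(cmdline, ' ') ? ARGV0_SPACE : 0;
	if (*cmdline == '-') cmdline++;	/* login shells are started as "-sh" */
	if (strcmp(base(cmdline), base(exe)) != 0)
		flags |= ARGV0_MISMATCH;
	return flags;
}

/* Flags for a live process, or -1 if its /proc entries cannot be read. */
int check_pid(long pid)
{
	char path[64], exe[4096], cmd[4096];
	ssize_t n;
	FILE *f;
	snprintf(path, sizeof path, "/proc/%ld/exe", pid);
	if ((n = readlink(path, exe, sizeof exe - 1)) < 0)
		return -1;
	exe[n] = '\0';
	snprintf(path, sizeof path, "/proc/%ld/cmdline", pid);
	if ((f = fopen(path, "r")) == NULL)
		return -1;
	cmd[fread(cmd, 1, sizeof cmd - 1, f)] = '\0';
	fclose(f);
	return check_argv0(exe, cmd);
}

int main(int argc, char *argv[])
{
	long pid = argc > 1 ? atol(argv[1]) : (long)getpid();
	return printf("pid %ld: flags %d\n", pid, check_pid(pid)) < 0;
}
```

Multi-call binaries reached through symlinks, interpreted scripts and daemons that rewrite their process title also produce a mismatch, so a flag is a prompt to inspect the process rather than a verdict.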


